public inbox for glibc-bugs@sourceware.org
help / color / mirror / Atom feed
* [Bug malloc/26731] New: [regression 2.26] malloc with TCACHE does not respect M_PERTURB
@ 2020-10-14 5:28 thiago at kde dot org
0 siblings, 0 replies; only message in thread
From: thiago at kde dot org @ 2020-10-14 5:28 UTC (permalink / raw)
To: glibc-bugs
https://sourceware.org/bugzilla/show_bug.cgi?id=26731
Bug ID: 26731
Summary: [regression 2.26] malloc with TCACHE does not respect
M_PERTURB
Product: glibc
Version: 2.32
Status: UNCONFIRMED
Severity: normal
Priority: P2
Component: malloc
Assignee: unassigned at sourceware dot org
Reporter: thiago at kde dot org
Target Milestone: ---
Tested on 2.32, but the code dates back to 2.27.
Testcase:
#include <malloc.h>
#include <stdlib.h>
#include <stdio.h>
#define BLKSIZE 64
void check_block_null(const char *which, unsigned char *ptr, size_t len)
{
size_t count = 0;
for (size_t i = 0; i < len; ++i) {
if (ptr[i] == 0)
continue;
fprintf(stderr, "Byte %d in %s block %p is not null (%#02x)\n",
i, which, ptr, ptr[i]);
++count;
}
if (count)
abort();
}
int main()
{
mallopt(M_PERTURB, 0xff);
unsigned char *ptr = malloc(BLKSIZE);
check_block_null("first", ptr, BLKSIZE);
// overwrite block
for (size_t i = 0; i < BLKSIZE; ++i)
ptr[i] = i;
free(ptr);
ptr = malloc(BLKSIZE);
check_block_null("reallocated", ptr, BLKSIZE);
}
This prints the following then crashes (openSUSE Tumbleweed):
Byte 0 in reallocated block 0x4592a0 is not null (0x59)
Byte 1 in reallocated block 0x4592a0 is not null (0x4)
Byte 16 in reallocated block 0x4592a0 is not null (0x10)
Byte 17 in reallocated block 0x4592a0 is not null (0x11)
Byte 18 in reallocated block 0x4592a0 is not null (0x12)
Byte 19 in reallocated block 0x4592a0 is not null (0x13)
Byte 20 in reallocated block 0x4592a0 is not null (0x14)
Byte 21 in reallocated block 0x4592a0 is not null (0x15)
Byte 22 in reallocated block 0x4592a0 is not null (0x16)
Byte 23 in reallocated block 0x4592a0 is not null (0x17)
Byte 24 in reallocated block 0x4592a0 is not null (0x18)
Byte 25 in reallocated block 0x4592a0 is not null (0x19)
Byte 26 in reallocated block 0x4592a0 is not null (0x1a)
Byte 27 in reallocated block 0x4592a0 is not null (0x1b)
Byte 28 in reallocated block 0x4592a0 is not null (0x1c)
Byte 29 in reallocated block 0x4592a0 is not null (0x1d)
Byte 30 in reallocated block 0x4592a0 is not null (0x1e)
Byte 31 in reallocated block 0x4592a0 is not null (0x1f)
Byte 32 in reallocated block 0x4592a0 is not null (0x20)
Byte 33 in reallocated block 0x4592a0 is not null (0x21)
Byte 34 in reallocated block 0x4592a0 is not null (0x22)
Byte 35 in reallocated block 0x4592a0 is not null (0x23)
Byte 36 in reallocated block 0x4592a0 is not null (0x24)
Byte 37 in reallocated block 0x4592a0 is not null (0x25)
Byte 38 in reallocated block 0x4592a0 is not null (0x26)
Byte 39 in reallocated block 0x4592a0 is not null (0x27)
Byte 40 in reallocated block 0x4592a0 is not null (0x28)
Byte 41 in reallocated block 0x4592a0 is not null (0x29)
Byte 42 in reallocated block 0x4592a0 is not null (0x2a)
Byte 43 in reallocated block 0x4592a0 is not null (0x2b)
Byte 44 in reallocated block 0x4592a0 is not null (0x2c)
Byte 45 in reallocated block 0x4592a0 is not null (0x2d)
Byte 46 in reallocated block 0x4592a0 is not null (0x2e)
Byte 47 in reallocated block 0x4592a0 is not null (0x2f)
Byte 48 in reallocated block 0x4592a0 is not null (0x30)
Byte 49 in reallocated block 0x4592a0 is not null (0x31)
Byte 50 in reallocated block 0x4592a0 is not null (0x32)
Byte 51 in reallocated block 0x4592a0 is not null (0x33)
Byte 52 in reallocated block 0x4592a0 is not null (0x34)
Byte 53 in reallocated block 0x4592a0 is not null (0x35)
Byte 54 in reallocated block 0x4592a0 is not null (0x36)
Byte 55 in reallocated block 0x4592a0 is not null (0x37)
Byte 56 in reallocated block 0x4592a0 is not null (0x38)
Byte 57 in reallocated block 0x4592a0 is not null (0x39)
Byte 58 in reallocated block 0x4592a0 is not null (0x3a)
Byte 59 in reallocated block 0x4592a0 is not null (0x3b)
Byte 60 in reallocated block 0x4592a0 is not null (0x3c)
Byte 61 in reallocated block 0x4592a0 is not null (0x3d)
Byte 62 in reallocated block 0x4592a0 is not null (0x3e)
Byte 63 in reallocated block 0x4592a0 is not null (0x3f)
--
You are receiving this mail because:
You are on the CC list for the bug.
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2020-10-14 5:28 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-10-14 5:28 [Bug malloc/26731] New: [regression 2.26] malloc with TCACHE does not respect M_PERTURB thiago at kde dot org
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).